Monday, January 18, 2016

Cooling Down the Hotlinks: Taming Bandwidth Usage with No Compromises

Last year, I noticed an alarming increase in the outbound traffic on  I was serving nearly 5GB of photos per day. For a static site with <500 page views per week, it was immediately apparent that something had gone terribly wrong.

As it turns out, I had been receiving enormous amounts of traffic from internet forums that had been hotlinking images from my site, most of which were from the weed page.

Luckily, it was incredibly easy to put a stop to this. Returning once again to the powerful sorcery of Lighttpd, we can easily reject certain types of traffic (in this case, images requested from domains other than mine) while allowing legitimate requests to pass through:

Note that this snippet allows certain referrers and user-agents through (such as Googlebot, Skype Web Preview, etc.) so that legitimate uses are enabled.

This snippet will redirect all requests from invalid domains to this image, thus returning my bandwidth stats to sane levels while also expressing my mild irritation.
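The author's snippet is not reproduced on this page. The following is an added example of a Lighttpd configuration with the behaviour described above, not the author's own configuration. The domain `example.com`, the `/photos/` path, the notice image `/static/hotlink.png` and the exact user-agent substrings are assumptions.

```lighttpd
# Added example; example.com, /photos/ and /static/hotlink.png are placeholders.
# Load mod_redirect here only if it is not already in server.modules.
server.modules += ( "mod_redirect" )

# Only image requests under /photos/ are checked. The notice image lives
# outside that path, so the redirect target is never itself redirected.
$HTTP["url"] =~ "(?i)^/photos/.*\.(jpe?g|png|gif)$" {

    # Allow an empty Referer (direct visits, clients that strip the header)
    # and pages on our own domain. The trailing (/|$) keeps lookalike hosts
    # such as example.com.other.test from passing the check.
    $HTTP["referer"] !~ "^($|https?://(www\.)?example\.com(/|$))" {

        # Crawlers and link previewers are allowed by User-Agent substring
        # (assumed values). Referer and User-Agent are both client-supplied,
        # so this limits bandwidth use; it is not access control.
        $HTTP["useragent"] !~ "(Googlebot|SkypeUriPreview)" {
            url.redirect      = ( ".*" => "https://example.com/static/hotlink.png" )
            url.redirect-code = 302   # temporary, so browsers do not cache it
        }
    }
}
```

Check the syntax with `lighttpd -t -f` followed by the path to the configuration file before reloading the server.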

The aftermath scattered my face across the net, which was incredibly funny.